package vn.edu.saigontech.ncms.web.interceptor;

import vn.edu.saigontech.ncms.model.user.Site;
import vn.edu.saigontech.ncms.util.Checker;
import vn.edu.saigontech.ncms.util.StringUtil;
import vn.edu.saigontech.ncms.web.BaseAction;

import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;

@SuppressWarnings("serial")
public class SecurityInterceptor extends AbstractInterceptor {
	
	public String intercept(ActionInvocation invocation) throws Exception {
		BaseAction action = (BaseAction)invocation.getAction();
		String namespace = invocation.getProxy().getNamespace();
		String actionName = invocation.getProxy().getActionName();
		
		if(actionName.toLowerCase().indexOf("login") != -1) {
			return invocation.invoke();
		}
		if(Checker.isNull(action.SESSION().getAttribute("user"))) {	
			return BaseAction.LOGIN;
		}
		Site site = (Site) action.SESSION().getAttribute("site");
		if(!StringUtil.match(namespace, site.getPattern())) {
			return BaseAction.LOGIN;
		}
		return invocation.invoke();
	}
}
